Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/lg2HGPaWNYukKXNL7L06g7epnec.roa
File:                     lg2HGPaWNYukKXNL7L06g7epnec.roa (raw, json)
Hash identifier:          Oe1RNT8qaXrhPTwAY8gG7Z3oG+nAJ7fcgkpuLyVQPUU=
Subject key identifier:   96:0D:87:18:F6:96:35:8B:A4:29:73:4B:EC:BD:3A:83:B7:A9:9D:E7
Certificate issuer:       /CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Certificate serial:       03AD29
Authority key identifier: CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/lg2HGPaWNYukKXNL7L06g7epnec.roa
Signing time:             Mon 23 May 2022 14:17:30 +0000
ROA not before:           Mon 23 May 2022 14:17:30 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     202789
IP address blocks:        185.154.112.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 240937 (0x3ad29)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfdb3d904b34440546b6241d7894d93300bcbd28
        Validity
            Not Before: May 23 14:17:30 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=960d8718f696358ba429734becbd3a83b7a99de7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a6:45:f3:f6:29:e1:2a:8d:fa:5c:38:c2:55:
                    64:d1:fe:06:34:00:2b:74:ff:ec:78:4d:7a:db:a6:
                    be:e4:ff:5d:bc:44:11:0b:de:eb:ec:4b:db:cb:4d:
                    a2:c4:77:81:db:e6:66:01:65:ef:ef:e8:c9:bf:36:
                    0b:10:19:29:34:ee:03:2d:14:b5:e1:27:66:b0:23:
                    36:fc:26:86:80:02:f4:45:a5:d8:bd:db:8a:92:53:
                    22:2e:f2:9e:00:dd:56:0f:72:e4:65:fd:d3:f4:62:
                    c7:0a:5a:97:ad:cd:ad:82:63:ab:90:cc:af:b3:3c:
                    6e:ab:3b:b8:58:fa:71:e6:e1:c6:c6:02:9b:13:15:
                    c4:e9:af:91:57:44:29:c7:6c:ac:6d:cf:63:89:1f:
                    b1:5f:31:96:18:54:ca:07:a3:81:00:51:33:cc:20:
                    8f:61:da:0a:f2:1a:65:5f:6d:ea:1c:1f:cf:98:7d:
                    a3:41:72:96:05:e8:3d:01:be:16:7c:61:b5:1d:f2:
                    90:0d:8b:16:98:77:0d:23:eb:0e:1b:03:d7:2b:c8:
                    cc:66:d8:70:69:6c:3e:a6:c5:35:64:45:2c:c0:1d:
                    35:bb:78:94:81:56:c4:f3:10:97:2f:8a:8f:18:4d:
                    01:cd:6f:37:bb:2f:b6:16:72:cc:33:2b:e1:ec:ad:
                    77:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:0D:87:18:F6:96:35:8B:A4:29:73:4B:EC:BD:3A:83:B7:A9:9D:E7
            X509v3 Authority Key Identifier:
                keyid:CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/lg2HGPaWNYukKXNL7L06g7epnec.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.154.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a8:29:99:97:d2:9a:48:3d:bf:df:d3:99:2d:c2:57:da:4d:92:
         fb:b4:c6:ee:98:59:4c:fb:4b:d1:48:e3:bf:46:7a:d9:96:9a:
         a2:6e:c3:59:a8:a4:3f:99:29:eb:8a:ef:b8:b0:28:79:de:b2:
         f9:09:61:bf:68:d7:1f:2d:8a:0e:9b:17:4b:57:4d:77:f2:4e:
         95:f8:63:42:e7:b8:b7:8c:5b:54:3e:9e:b1:4a:aa:05:e7:9d:
         68:fe:72:cd:44:28:ea:64:90:5e:cd:94:1c:b4:af:5d:d0:09:
         c9:d6:a2:2f:05:28:eb:24:be:c6:05:fb:c6:b6:64:5f:09:5b:
         2a:57:af:98:93:36:85:2c:0d:33:1e:e5:ba:a3:d7:77:71:bb:
         b2:c2:f9:48:dc:0e:04:3a:9b:cd:28:fd:87:d1:3c:bc:f2:ca:
         d7:f0:3a:eb:38:17:cf:8b:67:85:38:4a:ff:69:08:b6:54:fb:
         42:76:60:fc:cf:e9:83:85:e2:35:ff:84:f9:fd:5a:33:27:02:
         92:ae:59:e4:da:e6:e1:43:2d:a7:2b:44:53:90:52:3d:a8:5f:
         e7:f0:b7:98:82:04:26:10:0a:06:4b:c8:57:5b:e2:af:14:aa:
         f3:54:f7:c4:6e:a5:d6:7e:ce:1c:b3:fb:12:cf:01:a4:10:b7:
         aa:7b:82:e0
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDA60pMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNm
ZGIzZDkwNGIzNDQ0MDU0NmI2MjQxZDc4OTRkOTMzMDBiY2JkMjgwHhcNMjIwNTIz
MTQxNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NjBkODcxOGY2OTYz
NThiYTQyOTczNGJlY2JkM2E4M2I3YTk5ZGU3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqKZF8/Yp4SqN+lw4wlVk0f4GNAArdP/seE1626a+5P9dvEQR
C97r7Evby02ixHeB2+ZmAWXv7+jJvzYLEBkpNO4DLRS14SdmsCM2/CaGgAL0RaXY
vduKklMiLvKeAN1WD3LkZf3T9GLHClqXrc2tgmOrkMyvszxuqzu4WPpx5uHGxgKb
ExXE6a+RV0Qpx2ysbc9jiR+xXzGWGFTKB6OBAFEzzCCPYdoK8hplX23qHB/PmH2j
QXKWBeg9Ab4WfGG1HfKQDYsWmHcNI+sOGwPXK8jMZthwaWw+psU1ZEUswB01u3iU
gVbE8xCXL4qPGE0BzW83uy+2FnLMMyvh7K13BQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJYNhxj2ljWLpClzS+y9OoO3qZ3nMB8GA1UdIwQYMBaAFM/bPZBLNEQFRrYk
HXiU2TMAvL0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJkLzEv
bGcySEdQYVdOWXVrS1hOTDdMMDZnN2VwbmVjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85
MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJkLzEvejlzOWtFczBSQVZH
dGlRZGVKVFpNd0M4dlNnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZpwMA0GCSqGSIb3DQEBCwUAA4IB
AQCoKZmX0ppIPb/f05ktwlfaTZL7tMbumFlM+0vRSOO/RnrZlpqibsNZqKQ/mSnr
iu+4sCh53rL5CWG/aNcfLYoOmxdLV0138k6V+GNC57i3jFtUPp6xSqoF551o/nLN
RCjqZJBezZQctK9d0AnJ1qIvBSjrJL7GBfvGtmRfCVsqV6+YkzaFLA0zHuW6o9d3
cbuywvlI3A4EOpvNKP2H0Ty88srX8DrrOBfPi2eFOEr/aQi2VPtCdmD8z+mDheI1
/4T5/VozJwKSrlnk2ubhQy2nK0RTkFI9qF/n8LeYggQmEAoGS8hXW+KvFKrzVPfE
bqXWfs4cs/sSzwGkELeqe4Lg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:25 2024 by rpki-client on console-ams.rpki-client.org